AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 09/21/2022

Mobile phone hackers wield “Violence-as-a-service” for money, revenge

If you ask ‘Yuki’ why he helped found a channel on Telegram to facilitate the settling of scores in the mobile phone hacking community, he says it was about supply and demand. Lots of young SIM swappers were looking for a way to get back at enemies in the real world. SIM swapping at its most basic level entails someone hijacking your mobile phone. They swap your SIM card and all the information on it for a SIM card they own – and just like that they have access to your passwords, your emails, and the two-factor authentication codes that protect bank accounts and cryptocurrency wallets. SIM swappers have been draining those accounts and stealing millions.

 

Imperva mitigated long-lasting, 25.3 billion request DDoS attack

Internet security company Imperva has announced its DDoS (distributed denial of service) mitigation solution has broken a new record, defending against a single attack that sent over 25.3 billion requests to one of its customers. The target was a Chinese telecommunications service provider often at the receiving end of DDoS attacks with unusually large volumes. The DDoS attack unfolded on June 27, 2022, peaking at 3.9 million requests per second (RPS) and averaging 1.8 million RPS. While this pales compared to the record-breaking attack that Cloudflare mitigated in June, which topped at 26 million RPS, the duration in Imperva’s case was unusually long.

 

VMware Warns of ‘ChromeLoader’ Delivering Ransomware, Destructive Malware

VMware’s Carbon Black team warns that the ChromeLoader malware is now delivering malware such as ZipBomb and the Enigma ransomware to business services and government organizations. ChromeLoader was initially observed targeting Windows users in January 2022 – a macOS variant was spotted in March – when it was being dropped as an ISO file and could leak users’ browser credentials, collect data on their online activities, and display ads by hijacking browser searches. The threat is being distributed as pirated or cracked versions of applications or games, typically on social media platforms, pirating sites, torrents, and bundled with legitimate games and software.

 

‘Astonishing.’ Morgan Stanley hard drives holding sensitive client data got auctioned off online

Federal regulators accused Morgan Stanley on Tuesday of “astonishing” failures that led to the mishandling of sensitive data on some 15 million customers. Morgan Stanley was slapped with a $35 million fine from the Securities and Exchange Commission for extensive failures to safeguard personal identifying information on its clients. Since at least 2015 Morgan Stanley did not properly get rid of devices holding sensitive customer data, according to the settlement. In one episode described by the SEC, Morgan Stanley hired a moving company – one that had “no experience or expertise” in data destruction – to decommission thousands of hard drives and servers holding customer data.

 

Video Game Publisher Admits Helpdesk Was Hijacked

US video game publisher 2K has warned players of its titles not to click on links sent out by its help desk recently, as they are likely to be malicious. The firm, which is a subsidiary of Take-Two Interactive, released a brief statement on Twitter overnight. “Earlier today, we became aware that an unauthorized third party illegally accessed the credentials of one of our vendors to the help desk platform that 2K uses to provide support to our customers,” the message read. “The unauthorized party sent a communication to certain players containing a malicious link. Please do not open any emails or click on any links that you receive from the 2K Games support account.”

 

Twitch to Ban Unlicensed Gambling Websites From Streaming

Twitch is reacting to growing concerns over gambling on its platform by implementing a change of policy and significantly curbing who can stream gambling content. In an update posted on Twitter, which you can read below, Twitch references the fact gambling has become a big discussion point on the streaming platform. Sharing links or referral codes to sites offering slots, roulette, or dice games is already prohibited, but Twitch admits “we’ve seen some people circumvent those rules and expose our community to potential harm.”
